K8S-DNS-003
kubernetes
network_error
ai_generated
true
插件/循环:检测到区域 "." 的循环(127.0.0.1:53),请参阅 https://coredns.io/plugins/loop#troubleshooting
plugin/loop: Loop (127.0.0.1:53) detected for zone ".", see https://coredns.io/plugins/loop#troubleshooting
ID: kubernetes/coredns-loop-detected
85%修复率
87%置信度
1证据数
2023-04-05首次发现
版本兼容性
| 版本 | 状态 | 引入 | 弃用 | 备注 |
|---|---|---|---|---|
| coredns 1.8.0 | active | — | — | — |
| coredns 1.9.0 | active | — | — | — |
| coredns 1.10.0 | active | — | — | — |
| kubernetes 1.22 | active | — | — | — |
| kubernetes 1.24 | active | — | — | — |
根因分析
CoreDNS 将 DNS 查询转发给自己,造成循环,通常是因为节点的 /etc/resolv.conf 指向 localhost 或 Pod 的 DNS 策略配置了错误的上游。
English
CoreDNS is forwarding DNS queries to itself, creating a loop, usually because the node's /etc/resolv.conf points to localhost or the pod's DNS policy misconfigures upstream.
官方文档
https://coredns.io/plugins/loop/解决方案
-
编辑 CoreDNS ConfigMap(kube-system/coredns)以添加 `loop` 插件并设置正确的上游 DNS。例如,确保 forward 指令指向有效的外部 DNS(例如 `forward . /etc/resolv.conf`),而不是 localhost。
-
检查节点的 /etc/resolv.conf 中是否有指向 127.0.0.1 或回环地址的 nameserver 条目。如果有,将其更改为有效的 DNS 服务器 IP(例如 8.8.8.8)并重启 kubelet。
无效尝试
常见但无效的做法:
-
Delete the CoreDNS pod and let it restart.
95% 失败
The loop is caused by configuration, not a transient state; restarting will not fix the underlying issue.
-
Set the node's /etc/resolv.conf to use a public DNS like 8.8.8.8.
60% 失败
This may break cluster-internal DNS resolution for services and pods.